Level 70
If I am not mistaken, somehow its related with csrf token.
Check this discussion: https://stackoverflow.com/questions/46466167/laravel-5-5-ajax-call-419-unknown-status
Jan 6, 2020
2
Level 8
guzzle post request returns 419 unknown status
Hello, I try to run passport '/oauth/clients' method to create new passport's client with guzzle and got 419 unknown status error I do :
$app_root_url = config('app.url');
\Log::info('-1 REGISTER $app_root_url::');
\Log::info($app_root_url);
$headers = [
'content-type' => 'application/json',
'verify' => true,
'X-CSRF-TOKEN' => csrf_token()
];
$guzzleClient = new \GuzzleHttp\Client();
$url = $app_root_url . '/oauth/clients';
$requestBody['name'] = $newUser->name;
$requestBody['redirect'] = $app_root_url . '/callback';
// $requestBody['Accept'] = 'application/json'; // Do I need this parameter ?
\Log::info('-2 REGISTER $requestBody::');
\Log::info($requestBody);
\Log::info('-3 REGISTER $headers::');
\Log::info($headers);
$request = $guzzleClient->post( $url, [
"headers" => $headers, // Do I need these params ?
'form_params' => $requestBody // ERROR REFERING THIS LINE
]);
$response = $request->send();
\Log::info('-5 REGISTER $response::');
\Log::info($response);
Usually this error shows that CSRF is not set and in log file I see that in headers array X-CSRF-TOKEN is NULL :
[2020-01-07 04:47:02] local.INFO: -1 REGISTER $app_root_url::
[2020-01-07 04:47:02] local.INFO: http://local-hostels3-backend-api.com
[2020-01-07 04:47:02] local.INFO: -2 REGISTER $requestBody::
[2020-01-07 04:47:02] local.INFO: array (
'name' => 'admin',
'redirect' => 'http://local-hostels3-backend-api.com/callback',
)
[2020-01-07 04:47:02] local.INFO: -3 REGISTER $headers::
[2020-01-07 04:47:02] local.INFO: array (
'content-type' => 'application/json',
'verify' => true,
'X-CSRF-TOKEN' => NULL,
)
[2020-01-07 04:47:03] local.ERROR: Client error: `POST http://local-hostels3-backend-api.com/oauth/clients` resulted in a `419 unknown status` response:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width= (truncated...)
{"exception":"[object] (GuzzleHttp\Exception\ClientException(code: 419): Client error: `POST http://local-hostels3-backend-api.com/oauth/clients` resulted in a `419 unknown status` response:
<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"utf-8\">
<meta name=\"viewport\" content=\"width= (truncated...)
at /mnt/_work_sdb8/wwwroot/lar/hostels3-backend-api/vendor/guzzlehttp/guzzle/src/Exception/RequestException.php:113)
[stacktrace]
#0 /mnt/_work_sdb8/wwwroot/lar/hostels3-backend-api/vendor/guzzlehttp/guzzle/src/Middleware.php(65): GuzzleHttp\Exception\RequestException::create(Object(GuzzleHttp\Psr7\Request), Object(GuzzleHttp\Psr7\Response))
#1 /mnt/_work_sdb8/wwwroot/lar/hostels3-backend-api/vendor/guzzlehttp/promises/src/Promise.php(203): GuzzleHttp\Middleware::GuzzleHttp\{closure}(Object(GuzzleHttp\Psr7\Response))
#2 /mnt/_work_sdb8/wwwroot/lar/hostels3-backend-api/vendor/guzzlehttp/promises/src/Promise.php(156): GuzzleHttp\Promise\Promise::callHandler(1, Object(GuzzleHttp\Psr7\Response), Array)
#3 /mnt/_work_sdb8/wwwroot/lar/hostels3-backend-api/vendor/guzzlehttp/promises/src/TaskQueue.php(47): GuzzleHttp\Promise\Promise::GuzzleHttp\Promise\{closure}()
#4 /mnt/_work_sdb8/wwwroot/lar/hostels3-backend-api/vendor/guzzlehttp/promises/src/Promise.php(246): GuzzleHttp\Promise\TaskQueue->run(true)
#5 /mnt/_work_sdb8/wwwroot/lar/hostels3-backend-api/vendor/guzzlehttp/promises/src/Promise.php(223): GuzzleHttp\Promise\Promise->invokeWaitFn()
#6 /mnt/_work_sdb8/wwwroot/lar/hostels3-backend-api/vendor/guzzlehttp/promises/src/Promise.php(267): GuzzleHttp\Promise\Promise->waitIfPending()
#7 /mnt/_work_sdb8/wwwroot/lar/hostels3-backend-api/vendor/guzzlehttp/promises/src/Promise.php(225): GuzzleHttp\Promise\Promise->invokeWaitList()
#8 /mnt/_work_sdb8/wwwroot/lar/hostels3-backend-api/vendor/guzzlehttp/promises/src/Promise.php(62): GuzzleHttp\Promise\Promise->waitIfPending()
#9 /mnt/_work_sdb8/wwwroot/lar/hostels3-backend-api/vendor/guzzlehttp/guzzle/src/Client.php(183): GuzzleHttp\Promise\Promise->wait()
#10 /mnt/_work_sdb8/wwwroot/lar/hostels3-backend-api/vendor/guzzlehttp/guzzle/src/Client.php(96): GuzzleHttp\Client->request('post', 'http://local-ho...', Array)
#11 /mnt/_work_sdb8/wwwroot/lar/hostels3-backend-api/app/Http/Controllers/AuthController.php(224): GuzzleHttp\Client->__call('post', Array)
#12 [internal function]: App\Http\Controllers\AuthController->register(Object(Illuminate\Http\Request))
I tried to comment in headers lines one by one :
'verify' => true,
'X-CSRF-TOKEN' => csrf_token()
But I still got the same error.
I commented VerifyCsrfToken in kernel :
protected $middlewareGroups = [
...
// \App\Http\Middleware\VerifyCsrfToken::class,
But got error :
://local-hostels3-backend-api.com/oauth/clients` resulted in a `500 Internal Server Error` response:\n<!doctype html>\n<html class=\"theme-light\">\n<!--\nSymfony\Component\Routing\Exception\RouteNotFoundException: Route [login (truncated...)\n",
"exception": "GuzzleHttp\Exception\ServerException",
In routes/api.php I have :
Route::post('login', 'AuthController@login')->name('api.login');
Route::post('register', 'AuthController@register')->name('api.register');
Route::post('callback', 'AuthController@callback')->name('api.callback');
Route::middleware('auth:api')->get('/user', function (Request $request) {
return $request->user();
});
How to fix this error ?
Thanks!
Level 8
Sorry, I did not point in my topic : I make @vue/cli/axios 4 app with requests to Laravel 6 Backend REST API with passport auth driver. So I have axios request to laravel's control in which I run code in my topic.
I know this decision
<meta name="csrf-token" content="{{ csrf_token() }}">
$.ajaxSetup({
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
}
});
for laravel/blade apps with data submitted in blade form when ajax is set:
If there is some decision for Backend REST API control with axios request ?
Please or to participate in this conversation.